What do a business's invoices have in common with e-mail? If both are done on the same computer, the business owner may want to think more about computer security. Information-payroll records, proprietary information, client or employee data-is essential to a business's success. A computer failure or other system breach could cost a business anything from its reputation to damages and recovery costs. The small business owner who recognizes the threat of computer crime and takes steps to deter inappropriate activities is less likely to become a victim. The vulnerability of any one small business may not seem significant to many other than the owner and employees of that business. However, over 27 million U.S. businesses-over 99 percent of all U.S. businesses-are small and medium-size businesses (SMBs) of 500 employees or less. Therefore, a vulnerability common to a large percentage of all SMBs could pose a threat to the Nation's economic base. In the special arena of information security, vulnerable SMBs also run the risk of being compromised for use in crimes against governmental or large industrial systems upon which everyone relies. SMBs frequently cannot justify an extensive security program or a full-time expert. Nonetheless, they confront serious security challenges and must address security requirements based on identified needs.
The difficulty for these businesses is to identify needed security mechanisms and training that are practical and cost-effective. Such businesses also need to become more educated in terms of security so that limited resources are well applied to meet the most obvious and serious threats. To address this need, NIST, the Small Business Administration (SBA), and the Federal Bureau of Investigation (FBI) entered into a co-sponsorship agreement for the purpose of conducting a series of training meetings on computer security for small businesses. The purpose of the meetings is to have individuals knowledgeable in computer security provide an overview of information security threats, vulnerabilities, and corresponding protective tools and techniques with a special emphasis on providing useful information that small business personnel can apply directly or use to task contractor personnel.
Partnerships
The Small Business Administration (SBA) is an agency of the Federal government whose mission is to aid, counsel, assist and protect the interests of small business by providing them financial, contractual and business development assistance.
The FBI, in conjunction with representatives from private industry, the academic community, and the public sector, developed the InfraGard program to expand direct contacts with the private sector infrastructure owners and operators and to share information about cyber intrusions, exploited vulnerabilities, and infrastructure threats. The initiative, encouraging the exchange of information by the government, represented by the FBI and private sector members, expanded through the formation of sixty (60) InfraGard Chapters throughout the country.
Purpose:
Increasingly, businesses are relying on IT for storing, processing and communicating information. Information is one of the most valuable assets of any organization, public or private, and the protection of that information is critical. Information security is the protection of information from a wide range of threats and vulnerabilities to ensure business continuity.
The vulnerability of any one small business may not seem significant to many other than the owner and employees. However, 95 percent of all US businesses are small and medium-sized businesses (SMBs), of 500 employees or less. Therefore a vulnerability common to a large percentage of all SMBs could pose a threat to the Nation's economic base. In the special arena of information security, vulnerable SMBs also run the risk of being compromised for use in crimes against governmental or large industrial systems upon which everyone relies. SMBs cannot always justify an extensive security program, or often a single full time expert. Nonetheless, they confront serious security challenges and must address security requirements based on identified needs.
The difficulty for these organizations is to identify needed/cost-effective security mechanisms and obtain training that is practical and cost effective. Such organizations also need to become more educated consumers in terms of security, so that their limited security resources are well applied to meet the most obvious and serious threats.
To address this need, NIST, SBA and FBI program entered into a Co-sponsorship Agreement for the purpose of conducting a series of regional workshops on IT security for small businesses. NIST hosts the workshops with SBA and FBI as cosponsors. The purpose of the workshops is to have individuals knowledgeable in IT security provide an overview of information security threats, vulnerabilities, and corresponding protective tools and techniques - with a special emphasis on providing useful information that small business IT personnel can apply directly or use to task contractor personnel.